Cisco Blogs


Cisco Blog > Data Center and Cloud

Protection in the Cloud

Physical servers lend the comfort of knowing where your data is located and having control over access and protection of that data. But from a business perspective, there is a lot virtualization can offer. So what’s the compromise with security, and is it worth the switch to a cloud environment?

While the cloud is an “open environment,” with no physical equipment to hold data in a hard-and-fast location, there are security measures that can be taken. Understanding how your technology is being used and who would be interested in accessing stored information is an important step in protecting against security threats. It is also important to consider what type of cloud you are utilizing – public, private, or hybrid. When analyzed thoroughly, you can then integrate security controls into your architecture to view, manage, and control vulnerability and threats.

Finally, you must consider trust. How the technology is used depends on users, devices, applications, and data. Security policies and controls can be determined and installed after establishing how and why the data may be accessed. Vice President and Chief Information Security Officer at Intel explains in more detail the significance of trust and avoiding security breaches. Read what he has to say.

You  may want also to take advantage of our coming webcast to see how industry peers are doing to solve the very challenges Cloud adopters face. Tune in to a webcast on December 6 at 9:00 am PST  to hear from Cisco UCS customers Xerox and FICO Corporation, about how and why they used it in their Cloud environments.

 

Tags: , ,

Securing the Cloud with Common Criteria

Last week I attended the ICCC in Paris where Ashit Vora, Manager, Security Assurance, Cisco discussed the Cloud and how Common Criteria can be used to help mitigate threats.  The following is an excerpt from his presentation and food for thought on Cloud security.

More and more enterprises, including governments are moving their data “to the Cloud” in the hopes of saving infrastructure and maintenance costs.  But is this at the risk of security? As both private and public Clouds become pervasive, security is going to be a major concern.   Cloud infrastructure by definition has large amounts of information including proprietary information, competitive information, information of different classification levels, etc.  In addition, the types of mechanism available to access the information in the Cloud, such as B.Y.O.D. (Bring Your Own Device), are increasing day by day. If the proper security mechanisms are not in place and validated, it could prove to be damaging to all users of the Cloud.

Read More »

Tags: , , ,

ICCC 2012: Raising Awareness of Common Criteria, Promoting Security for Emerging Technologies

In this age of emerging technologies and increasingly complex cyber threats, government and enterprise organizations of all types need to ensure that products they use meet key security criteria, are standards based, perform as expected and interoperate reliably with existing technology.

As these organizations adopt new emerging technologies in hopes of saving on infrastructure and maintenance costs, is this at the risk of security? Without the proper security mechanisms in place and validated, the results could be catastrophic.

Common Criteria is an international standard for evaluating IT product security and reliability, recognized by more than 26 countries around the world. Common Criteria is considered a mandatory requirement for purchasing network security products by many governments.

The 13th International Common Criteria Conference, this year being held in Paris from September 18-20, will bring together leaders from governments and organizations of all types from around the world.

The ICCC Conference offers certification/validation schemes, evaluation laboratories, product developers, system integrators and product users to exchange expertise, experiences and skills on the application of the Common Criteria and security for Information and Communication Technology [ICT] solutions, such as Cloud Computing.

Cisco will participate in speaking sessions at the conference focused on topics including Supply Chain Security, Architectural approaches to Technical Communities and Collaborative Protection Profiles, Cloud Security and Innovation.

Details on the speaking sessions presented by and in collaboration with Cisco are below:

Progress Report from the Supply Chain Security Technical Workgroup
Sept. 19 at 11:30 CET
Track 1 – Room B/Chagall + Van Dongen
Michael Grimm, senior program manager, Microsoft and Terrie Diaz, product certification engineer, Cisco

An Architectural Framework Approach in the Development of Technical Communities and Collaborative Protection Profiles
Sept. 19 at 11:30 CET
Track 2 – Room C/Soutine & Utrillo
Axel Munde, BSI
Dirk Jan Out, Brightsight
Jen Gilbert, lead, global certifications strategy and policy, Cisco

Cloud Security and Common Criteria
Sept. 19 at 14:30 CET
Track 3 – Room D/Picasso
Ashit Vora, manager, security assurance – FIPS/Common Criteria, Cisco

Innovation and the Common Criteria
Sept. 19 at 15:00 CET
Track 3 – Room D/Picasso
Audrey Plonk, Intel
Jen Gilbert, lead, global certifications strategy and policy, Cisco

Visit ICCC and Cisco Global Government Certifications for more information.

Tags: , , , , , ,

Cloud Myopia (Pitfall 3: I Can See the Data Center Clearly, but Users Look Blurry )

cloud infrastructure considerations vs. cloud data center considerationsSince my previous posts on cloud anomalies, Cisco did a worldwide survey of 1000+ IT professionals across 13 countries regarding their cloud deployments. The results reinforced challenges with performance and security and confirmed my inklings. However, one statistic was quite surprising. You would think data center is the lynchpin of cloud. However, when asked about the most critical infrastructure for cloud, 37% went for the network vs. 28% for virtualized data center. Well if cloud is all about data center consolidation, virtualization, and elasticity, then what’s the fuss about the network?  Read More »

Tags: , ,

Cisco ScanSafe: Now Cloudy in Canada

One of the most enjoyable parts of my job as a product manager is launching a new product. Typically this is a shiny new widget or a great piece of software. But for a cloud-based service like Cisco’s ScanSafe Web Security solution, the infrastructure is a big part of the product.

For those not familiar with the product, ScanSafe offers web security solutions to organizations ranging from global enterprises to small businesses. The service provides multiple layers of malware protection and acceptable use controls to block users from specific websites and categories. It does this by redirecting end-user web traffic directly to the cloud where every web request is analyzed using artificial intelligence-based “scanlets” to determine the associated security risk. With such heavy processing and computation, the nature of the cloud is as important as the service in the cloud.

That is why today, I am pleased to welcome Canada to ScanSafe’s cloud with the addition of two datacenters—the first in Vancouver and the second in Toronto. Canada has been an early adopter of SaaS-based technologies, and our newest datacenters will help us serve our customers in the region. In addition, companies with branch offices in these locations will now benefit from a local internet breakout.

Read More »

Tags: , ,